(type adjtime_t)
(roletype object_r adjtime_t)
(type hwclock_t)
(roletype object_r hwclock_t)
(type hwclock_exec_t)
(roletype object_r hwclock_exec_t)
(roleattributeset cil_gen_require system_r)
(roletype system_r hwclock_t)
(typeattributeset cil_gen_require file_type)
(typeattributeset file_type (adjtime_t hwclock_exec_t ))
(typeattributeset cil_gen_require non_security_file_type)
(typeattributeset non_security_file_type (adjtime_t hwclock_exec_t ))
(typeattributeset cil_gen_require non_auth_file_type)
(typeattributeset non_auth_file_type (adjtime_t hwclock_exec_t ))
(typeattributeset cil_gen_require initrc_t)
(typeattributeset cil_gen_require systemprocess)
(typeattributeset systemprocess (hwclock_t ))
(typeattributeset cil_gen_require application_domain_type)
(typeattributeset application_domain_type (hwclock_t ))
(typeattributeset cil_gen_require domain)
(typeattributeset domain (hwclock_t ))
(typeattributeset cil_gen_require init_t)
(typeattributeset cil_gen_require sysfs_t)
(typeattributeset cil_gen_require application_exec_type)
(typeattributeset application_exec_type (hwclock_exec_t ))
(typeattributeset cil_gen_require exec_type)
(typeattributeset exec_type (hwclock_exec_t ))
(typeattributeset cil_gen_require entry_type)
(typeattributeset entry_type (hwclock_exec_t ))
(typeattributeset cil_gen_require proc_t)
(typeattributeset cil_gen_require sysctl_t)
(typeattributeset cil_gen_require sysctl_kernel_t)
(typeattributeset cil_gen_require unlabeled_t)
(typeattributeset cil_gen_require bin_t)
(typeattributeset cil_gen_require usr_t)
(typeattributeset cil_gen_require shell_exec_t)
(typeattributeset cil_gen_require device_t)
(typeattributeset cil_gen_require clock_device_t)
(typeattributeset cil_gen_require etc_t)
(typeattributeset cil_gen_require fs_t)
(typeattributeset cil_gen_require autofs_t)
(typeattributeset cil_gen_require console_device_t)
(typeattributeset cil_gen_require tty_device_t)
(typeattributeset cil_gen_require ttynode)
(typeattributeset cil_gen_require ptynode)
(typeattributeset cil_gen_require devpts_t)
(typeattributeset cil_gen_require privfd)
(typeattributeset cil_gen_require initrc_devpts_t)
(typeattributeset cil_gen_require syslogd_t)
(typeattributeset cil_gen_require syslogd_runtime_t)
(typeattributeset cil_gen_require devlog_t)
(typeattributeset cil_gen_require init_runtime_t)
(typeattributeset cil_gen_require var_t)
(typeattributeset cil_gen_require var_run_t)
(typeattributeset cil_gen_require locale_t)
(allow hwclock_t hwclock_exec_t (file (entrypoint)))
(allow hwclock_t hwclock_exec_t (file (ioctl read getattr lock map execute open)))
(allow initrc_t hwclock_exec_t (file (ioctl read getattr map execute open)))
(allow initrc_t hwclock_t (process (transition)))
(dontaudit initrc_t hwclock_t (process (noatsecure siginh rlimitinh)))
(typetransition initrc_t hwclock_exec_t process hwclock_t)
(allow hwclock_t initrc_t (fd (use)))
(allow hwclock_t initrc_t (fifo_file (ioctl read write getattr lock append)))
(allow hwclock_t initrc_t (process (sigchld)))
(allow hwclock_t self (capability (dac_override sys_rawio sys_time sys_tty_config)))
(dontaudit hwclock_t self (capability (sys_tty_config)))
(allow hwclock_t self (process (sigchld sigkill sigstop signull signal)))
(allow hwclock_t self (fifo_file (ioctl read write getattr lock append open)))
(allow hwclock_t adjtime_t (file (ioctl read write getattr setattr lock append open)))
(allow hwclock_t proc_t (dir (getattr open search)))
(allow hwclock_t sysctl_t (dir (getattr open search)))
(allow hwclock_t sysctl_kernel_t (dir (getattr open search)))
(allow hwclock_t sysctl_kernel_t (file (ioctl read getattr lock open)))
(allow hwclock_t proc_t (dir (getattr open search)))
(allow hwclock_t sysctl_t (dir (getattr open search)))
(allow hwclock_t sysctl_kernel_t (dir (ioctl read getattr lock open search)))
(allow hwclock_t proc_t (dir (getattr open search)))
(allow hwclock_t proc_t (file (ioctl read getattr lock open)))
(allow hwclock_t proc_t (dir (getattr open search)))
(allow hwclock_t proc_t (lnk_file (read getattr)))
(allow hwclock_t proc_t (dir (getattr open search)))
(allow hwclock_t proc_t (dir (ioctl read getattr lock open search)))
(dontaudit hwclock_t unlabeled_t (dir (getattr open search)))
(allow hwclock_t bin_t (dir (getattr open search)))
(allow hwclock_t bin_t (lnk_file (read getattr)))
(allow hwclock_t usr_t (dir (getattr open search)))
(allow hwclock_t bin_t (dir (getattr open search)))
(allow hwclock_t bin_t (dir (ioctl read getattr lock open search)))
(allow hwclock_t bin_t (file (ioctl read getattr lock map execute open execute_no_trans)))
(allow hwclock_t bin_t (dir (getattr open search)))
(allow hwclock_t bin_t (lnk_file (read getattr)))
(allow hwclock_t usr_t (dir (getattr open search)))
(allow hwclock_t bin_t (dir (getattr open search)))
(allow hwclock_t bin_t (dir (ioctl read getattr lock open search)))
(allow hwclock_t shell_exec_t (file (ioctl read getattr lock map execute open execute_no_trans)))
(allow hwclock_t sysfs_t (dir (getattr open search)))
(allow hwclock_t sysfs_t (file (ioctl read getattr lock open)))
(allow hwclock_t sysfs_t (dir (getattr open search)))
(allow hwclock_t sysfs_t (lnk_file (read getattr)))
(allow hwclock_t sysfs_t (dir (getattr open search)))
(allow hwclock_t sysfs_t (dir (ioctl read getattr lock open search)))
(allow hwclock_t device_t (dir (getattr open search)))
(allow hwclock_t clock_device_t (chr_file (ioctl read getattr lock open)))
(allow hwclock_t device_t (dir (getattr open search)))
(allow hwclock_t clock_device_t (chr_file (ioctl write getattr lock append open)))
(allow hwclock_t clock_device_t (chr_file (setattr)))
(allow hwclock_t etc_t (dir (ioctl read getattr lock open search)))
(allow hwclock_t etc_t (dir (getattr open search)))
(allow hwclock_t etc_t (file (ioctl read getattr lock open)))
(allow hwclock_t etc_t (dir (getattr open search)))
(allow hwclock_t etc_t (lnk_file (read getattr)))
(allow hwclock_t fs_t (filesystem (getattr)))
(allow hwclock_t autofs_t (dir (getattr open search)))
(dontaudit hwclock_t console_device_t (chr_file (ioctl read write getattr lock append open)))
(allow hwclock_t device_t (dir (getattr open search)))
(allow hwclock_t device_t (dir (ioctl read getattr lock open search)))
(allow hwclock_t device_t (dir (getattr open search)))
(allow hwclock_t device_t (lnk_file (read getattr)))
(allow hwclock_t tty_device_t (chr_file (ioctl read write getattr lock append open)))
(allow hwclock_t device_t (dir (getattr open search)))
(allow hwclock_t device_t (dir (ioctl read getattr lock open search)))
(allow hwclock_t device_t (dir (getattr open search)))
(allow hwclock_t device_t (lnk_file (read getattr)))
(allow hwclock_t ttynode (chr_file (ioctl read write getattr lock append open)))
(allow hwclock_t device_t (dir (getattr open search)))
(allow hwclock_t device_t (dir (ioctl read getattr lock open search)))
(allow hwclock_t device_t (dir (getattr open search)))
(allow hwclock_t device_t (lnk_file (read getattr)))
(allow hwclock_t devpts_t (dir (ioctl read getattr lock open search)))
(allow hwclock_t ptynode (chr_file (ioctl read write getattr lock append open)))
(allow hwclock_t privfd (fd (use)))
(allow hwclock_t init_t (fd (use)))
(allow hwclock_t device_t (dir (getattr open search)))
(allow hwclock_t device_t (dir (ioctl read getattr lock open search)))
(allow hwclock_t device_t (dir (getattr open search)))
(allow hwclock_t device_t (lnk_file (read getattr)))
(allow hwclock_t devpts_t (dir (ioctl read getattr lock open search)))
(allow hwclock_t initrc_devpts_t (chr_file (ioctl read write getattr lock append open)))
(allow hwclock_t self (capability (audit_write)))
(allow hwclock_t self (netlink_audit_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown nlmsg_read nlmsg_relay)))
(allow hwclock_t devlog_t (sock_file (write getattr append open)))
(allow hwclock_t var_run_t (lnk_file (read getattr)))
(allow hwclock_t var_t (dir (getattr open search)))
(allow hwclock_t var_run_t (dir (getattr open search)))
(allow hwclock_t init_runtime_t (dir (getattr open search)))
(allow hwclock_t syslogd_runtime_t (dir (getattr open search)))
(allow hwclock_t syslogd_t (unix_dgram_socket (sendto)))
(allow hwclock_t syslogd_t (unix_stream_socket (connectto)))
(allow hwclock_t self (unix_dgram_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow hwclock_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow hwclock_t device_t (dir (getattr open search)))
(allow hwclock_t device_t (dir (ioctl read getattr lock open search)))
(allow hwclock_t device_t (dir (getattr open search)))
(allow hwclock_t device_t (lnk_file (read getattr)))
(allow hwclock_t console_device_t (chr_file (ioctl write getattr lock append open)))
(dontaudit hwclock_t console_device_t (chr_file (ioctl read getattr lock open)))
(allow hwclock_t etc_t (dir (getattr open search)))
(allow hwclock_t etc_t (lnk_file (read getattr)))
(allow hwclock_t usr_t (dir (getattr open search)))
(allow hwclock_t locale_t (dir (ioctl read getattr lock open search)))
(allow hwclock_t locale_t (dir (getattr open search)))
(allow hwclock_t locale_t (file (ioctl read getattr lock open)))
(allow hwclock_t locale_t (dir (getattr open search)))
(allow hwclock_t locale_t (lnk_file (read getattr)))
(allow hwclock_t locale_t (file (map)))
(optional clock_optional_2
    (typeattributeset cil_gen_require init_t)
    (allow hwclock_t init_t (process (sigchld)))
    (allow hwclock_t init_t (process (signull)))
    (optional clock_optional_3
        (typeattributeset cil_gen_require rpm_t)
        (allow hwclock_t rpm_t (fd (use)))
        (allow hwclock_t rpm_t (fifo_file (ioctl read getattr lock open)))
    )
    (optional clock_optional_4
        (typeattributeset cil_gen_require security_t)
        (typeattributeset cil_gen_require sysfs_t)
        (dontaudit hwclock_t security_t (filesystem (getattr)))
        (dontaudit hwclock_t sysfs_t (filesystem (getattr)))
        (dontaudit hwclock_t sysfs_t (dir (getattr open search)))
        (dontaudit hwclock_t security_t (dir (getattr open search)))
        (dontaudit hwclock_t security_t (file (ioctl read getattr lock open)))
    )
    (optional clock_optional_5
        (typeattributeset cil_gen_require selinux_config_t)
        (dontaudit hwclock_t selinux_config_t (dir (getattr open search)))
        (dontaudit hwclock_t selinux_config_t (file (ioctl read getattr lock open)))
    )
    (optional clock_optional_6
        (typeattributeset cil_gen_require var_t)
        (typeattributeset cil_gen_require acpid_log_t)
        (typeattributeset cil_gen_require var_log_t)
        (typeattributeset cil_gen_require acpid_t)
        (allow hwclock_t var_t (dir (getattr open search)))
        (allow hwclock_t var_log_t (dir (getattr open search)))
        (allow hwclock_t var_log_t (lnk_file (read getattr)))
        (allow hwclock_t acpid_log_t (file (ioctl getattr lock append open)))
        (allow hwclock_t acpid_t (unix_stream_socket (read write)))
    )
    (optional clock_optional_7
        (typeattributeset cil_gen_require var_t)
        (typeattributeset cil_gen_require var_run_t)
        (typeattributeset cil_gen_require nscd_t)
        (typeattributeset cil_gen_require nscd_runtime_t)
        (booleanif (nscd_use_shm)
            (true
                (allow hwclock_t nscd_runtime_t (sock_file (read getattr open)))
                (allow hwclock_t nscd_runtime_t (dir (ioctl read getattr lock open search)))
                (dontaudit hwclock_t nscd_runtime_t (file (ioctl read getattr lock open)))
                (allow hwclock_t nscd_t (unix_stream_socket (connectto)))
                (allow hwclock_t nscd_runtime_t (sock_file (write getattr append open)))
                (allow hwclock_t nscd_runtime_t (dir (getattr open search)))
                (allow hwclock_t var_run_t (dir (getattr open search)))
                (allow hwclock_t var_t (dir (getattr open search)))
                (allow hwclock_t var_run_t (lnk_file (read getattr)))
                (allow hwclock_t nscd_t (fd (use)))
                (allow hwclock_t nscd_t (nscd (getgrp gethost getpwd shmemgrp shmemhost shmempwd)))
                (allow hwclock_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect listen accept getopt setopt shutdown)))
            )
            (false
                (allow nscd_t hwclock_t (process (getattr)))
                (allow nscd_t hwclock_t (lnk_file (read getattr)))
                (allow nscd_t hwclock_t (file (ioctl read getattr lock open)))
                (allow nscd_t hwclock_t (dir (ioctl read getattr lock open search)))
                (dontaudit hwclock_t nscd_runtime_t (file (ioctl read getattr lock open)))
                (allow hwclock_t nscd_t (unix_stream_socket (connectto)))
                (allow hwclock_t nscd_runtime_t (sock_file (write getattr append open)))
                (allow hwclock_t nscd_runtime_t (dir (getattr open search)))
                (allow hwclock_t var_run_t (dir (getattr open search)))
                (allow hwclock_t var_t (dir (getattr open search)))
                (allow hwclock_t var_run_t (lnk_file (read getattr)))
                (dontaudit hwclock_t nscd_t (nscd (shmemgrp shmemhost shmempwd getserv shmemserv)))
                (dontaudit hwclock_t nscd_t (fd (use)))
                (allow hwclock_t nscd_t (nscd (getgrp gethost getpwd)))
                (allow hwclock_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
            )
        )
    )
    (optional clock_optional_8
        (typeattributeset cil_gen_require newrole_t)
        (allow hwclock_t newrole_t (process (sigchld)))
    )
    (optional clock_optional_9
        (typeattributeset cil_gen_require unpriv_userdomain)
        (dontaudit hwclock_t unpriv_userdomain (fd (use)))
    )
)
(filecon "/etc/adjtime" file (system_u object_r adjtime_t (systemlow systemlow)))
(filecon "/usr/bin/hwclock" file (system_u object_r hwclock_exec_t (systemlow systemlow)))
(filecon "/usr/sbin/hwclock" file (system_u object_r hwclock_exec_t (systemlow systemlow)))
